-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
107 lines (92 loc) · 2.82 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#------------------------------------------------------------------------------
# General
#------------------------------------------------------------------------------
variable "region" {
type = string
description = "Default AWS region."
default = "us-east-1"
}
variable "environment" {
type = string
description = "Current Environment"
default = "dev"
}
variable "prefix" {
type = string
description = "Prefix to prepend to resources (for easy identification)."
default = "main"
}
variable "tags" {
description = "Common Tags"
type = map(string)
default = {
ManagedBy = "Terraform"
}
}
#------------------------------------------------------------------------------
# Provider
#------------------------------------------------------------------------------
variable "assume_role_arn" {
type = string
description = "AWS role to assume when provisioning resources"
default = ""
}
#------------------------------------------------------------------------------
# IAM
#------------------------------------------------------------------------------
variable "admin_users" {
type = list(string)
description = "IAM users (username) to add to the `Admins` group."
default = []
}
variable "admin_user_iam_policies" {
type = list(string)
description = "Admin user IAM policies"
default = ["arn:aws:iam::aws:policy/AdministratorAccess"]
}
variable "dev_users" {
type = list(string)
description = "IAM users (username) to add to the `Developers` group."
default = []
}
variable "dev_user_iam_policies" {
type = list(string)
description = "Dev user IAM policies"
default = [
"arn:aws:iam::aws:policy/AmazonEC2FullAccess",
"arn:aws:iam::aws:policy/AWSLambda_FullAccess",
"arn:aws:iam::aws:policy/AmazonECS_FullAccess",
]
}
variable "basic_users" {
type = list(string)
description = "IAM users (username) to add to the `Viewers` group."
default = []
}
variable "basic_user_iam_policies" {
type = list(string)
description = "Basic user IAM policies"
default = ["arn:aws:iam::aws:policy/job-function/ViewOnlyAccess"]
}
#------------------------------------------------------------------------------
# Budget
#------------------------------------------------------------------------------
variable "monthly_budget" {
type = string
description = "Monthly budget"
default = "100"
}
variable "budget_currency" {
type = string
description = "The 3-letter currency code as defined in ISO 4217"
default = "USD"
}
variable "budget_alert_thresholds" {
type = list(number)
default = [50, 75, 90, 100]
description = "What points (percentage) should billing alerts be sent"
}
variable "budget_alert_emails" {
type = list(string)
default = []
}